Security Advisory

CVE-2026-1584

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-09 18:00:21

Last updated 2026-05-03 13:15:17

Assigner redhat

State PUBLISHED

Description

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.

← Browse all CVEs View on cve.org ↗